[ANNOUNCE] Git 1.7.3.4, 1.6.6.3 and others
Junio C Hamano
gitster at pobox.com
Wed Aug 31 22:00:56 BST 2011
The latest maintenance release Git 1.7.3.4 is available at the
usual places:
http://www.kernel.org/pub/software/scm/git/
git-1.7.3.4.tar.{gz,bz2} (source tarball)
git-htmldocs-1.7.3.4.tar.{gz,bz2} (preformatted docs)
git-manpages-1.7.3.4.tar.{gz,bz2} (preformatted docs)
The RPM binary packages for a few architectures are found in:
RPMS/$arch/git-*-1.7.3.4-1.fc13.$arch.rpm (RPM)
Among many fixes since v1.7.3.3, it contains a fix to a recently
discovered XSS vulnerability in Gitweb (CVE 2010-3906). A backport
to an earlier maintenance track 1.6.6.3 is available (replace 1.7.3.4 with
1.6.6.3 above).
The Gitweb fix has also been backported to maintenance tracks of other
earlier releases (1.7.2.5, 1.7.1.4, 1.7.0.9, 1.6.5.9, and 1.6.4.5) and are
available from the main repository and shortly will be available from its
mirrors:
git://git.kernel.org/pub/scm/git/git.git/
git://repo.or.cz/alt-git.git/
git://git-core.git.sourceforge.net/gitroot/git-core/git-core/
git://github.com/git/git.git/
----------------------------------------------------------------
Git v1.7.3.4 Release Notes
==========================
Fixes since v1.7.3.3
--------------------
* Smart HTTP transport used to incorrectly retry redirected POST
request with GET request.
* "git apply" did not correctly handle patches that only change modes
if told to apply while stripping leading paths with -p option.
* "git apply" can deal with patches with timezone formatted with a
colon between the hours and minutes part (e.g. "-08:00" instead of
"-0800").
* "git checkout" removed an untracked file "foo" from the working
tree when switching to a branch that contains a tracked path
"foo/bar". Prevent this, just like the case where the conflicting
path were "foo" (c752e7f..7980872d).
* "git cherry-pick" or "git revert" refused to work when a path that
would be modified by the operation was stat-dirty without a real
difference in the contents of the file.
* "git diff --check" reported an incorrect line number for added
blank lines at the end of file.
* "git imap-send" failed to build under NO_OPENSSL.
* Setting log.decorate configuration variable to "0" or "1" to mean
"false" or "true" did not work.
* "git push" over dumb HTTP protocol did not work against WebDAV
servers that did not terminate a collection name with a slash.
* "git tag -v" did not work with GPG signatures in rfc1991 mode.
* The post-receive-email sample hook was accidentally broken in 1.7.3.3
update.
* "gitweb" can sometimes be tricked into parrotting a filename argument
given in a request without properly quoting.
Other minor fixes and documentation updates are also included.
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the git-announce
mailing list